This month’s Update Tuesday brought an early Christmas gift to those who want to use Messenger 2011 or 2012 on Windows 8.1.
Prior to this update being available, when you tried to sign in, you would receive error code 80090004. After the fix is installed, you will be able to sign in as normal.
The update is contained in the 8.1 December’s rollup update (KB2903939), which contains 18 fixes including KB2906900 (Error “0×80090004 (NTE_BAD_LEN)” occurs when you try to sign in to Windows Live Messenger).
Although I quickly managed to write some code to automatically check, download and install the update on machines that need it, it will be a few days before I think it’s ready. In the meantime, I have withdrawn the version of Messenger Reviver which blocked Messenger 2011/2012 installations on 8.1 and you will just need to manually update Windows 8.1 if Windows isn’t updated automatically.
A special thanks to user Chooky who was the first to notice the update!
Updates to this article:
Mar 30/2012: There have been multiple changes to Metro Messenger this past month and the below no longer is sufficient to stop Messenger from signing in. However, these changes seem to have finally added MPOP support (that is, allow you to use Metro Messenger and the normal Messenger client at the same time) and so it’s not nearly maddening as it was initially. I may go back and review this in the coming month.
Mar 2/2012: After redoing my investigation, I figured out that I had missed another connection. It seems to also connect to 188.8.131.52 (otherwise known as beta.xmpp.messenger.live.com) to start the Messenger connection process. Blocking this stopped the below mentioned signout problem. I’ve tweaked the command lines above to reflect this and changed the name of the rule. Based on this information it seems the new client uses XMPP, but that will be the topic for a later article.
Mar 1/2012: Messing around more this evening with Windows 8 has caused my “classic” Messenger client to sign out a few times, even though the built-in Messenger client still claims it can’t connect. I will investigate more shortly to see why that is, although the above still should provide some satisfaction, but probably isn’t a perfect solution just yet.
It’s only been out for a few hours now, but the built-in Messenger client in Windows 8 Consumer Preview is causing me severe mental anguish. I’ll withhold my opinions of the client till later, but it seems to want to constantly connect and there does not appear to be any immediate way to turn this “feature” off. Furthermore, I don’t really want to use this client for Messenger purposes.
So after being rapidly compelled to find out what it is trying to connect to, I think I’ve sorted out a (temporary) solution to disable this built-in Messenger client using the Windows Firewall.
To do so, open an elevated Command Prompt by moving the mouse to left-hand corner until the Start box appears, then right-click and choose Command Prompt (Admin).
Confirm the operation, and then copy one of the following application lines into the clipboard:
For 32-bit Windows 8:
netsh advfirewall firewall add rule name="MetroMessengerXMPP" action="block" dir="out" program="c:\program files\windowsapps\microsoft.windowscommunicationsapps_16.2.3237.215_x86__8wekyb3d8bbwe\LiveComm.exe" remoteip="184.108.40.206,220.127.116.11/24"
For 64-bit Windows 8:
netsh advfirewall firewall add rule name="MetroMessengerXMPP" action="block" dir="out" program="c:\program files\windowsapps\microsoft.windowscommunicationsapps_16.2.3237.215_x64__8wekyb3d8bbwe\LiveComm.exe" remoteip="18.104.22.168,22.214.171.124/24"
Then right-click in the Command Prompt area, choose Paste and press Enter.
You can close the Command Prompt now. Messenger should no longer be able to sign in any more, but the rest of the Windows 8 features should continue to work (including Mail). This works by restricting the LiveComm.exe process from communicating with the Messenger servers at the 126.96.36.199 and 188.8.131.52/24 blocks of IP addresses. Hopefully they won’t decide to change the addressing scheme any time soon.
Note: As I’ve only had a few hours to test this, there may be unforeseen connection problems or it may even stop working later on. You can remove or edit this firewall rule by using the Advanced Firewall configuration (run “wf.msc”).
Back in the days of Windows XP, those using Remote Assistance regularly tended to prefer establishing Remote Assistance sessions using the built-in Windows Messenger client. These days, Easy Connect (added in Windows 7/Server 2008 R2) tends to be the preferred method.
But one major problem with using Easy Connect is within a domain joined computer, it informs you that Easy Connect is not available and does little to tell you why.
As the rather uninformative documentation will inform you, Easy Connect makes use of Microsoft’s “Peer Name Resolution Protocol” (PNRP). You can read more about the inner workings of PNRP, but the key is its use of IPv6 to function. As most of us do not have IPv6 support from our service providers, Windows makes use of Microsoft’s Teredo technology to tunnel you to IPv6 addresses.
So it is Teredo, which Windows automatically turns off in a domain environment that needs to be configured for Easy Connect to work.
Checking Teredo’s present status
You can check if Teredo is enabled by using netsh on the command line:
netsh int teredo show state
By default, Teredo is set in the “client” type. In a domain (managed) environment, you will receive “client is in a managed network” under the Error category when showing the Teredo state.
Enabling Teredo in a domain for Easy Connect
To enable Teredo in a managed domain environment, you’ll need to set the client type to “enterpriseclient”. To do this, depending on your scenario, you can use the netsh command on a single computer or the domain’s group policies to enable multiple machines.
Open an elevated command prompt and type:
netsh int teredo set state type=enterpriseclient
Note that this is a per-machine change, so anyone logging into the computer will get Teredo access.
Using group policy
In Group Policy Management (or related tool), Edit the GPO which affects the machines (ie. Default Domain Policy), navigate to Computer Configuration, Policies, Administrative Templates, Network, TCPIP Settings, IPv6 Transition Technologies and set the Teredo State setting to Enterprise Client.
As soon as the machines get this policy change (or use gpupdate /force on the clients), the setting will immediately work without a Windows restart.
Verifying Teredo is operational
You can again do the netsh int teredo show state command again to check that Teredo is now enabled and operational. If you used Group Policy to enable the setting, you’ll see (Group Policy) tagged after the Type field:
You can also test Teredo by pinging an IPv6 resource like Google:
Checking Easy Connect
To verify Easy Connect is now working, launch Remote Assistance (msra.exe), choose Invite someone you trust to help you, choose the Use Easy Connect option and after its network check, you should receive an invitation code.
A word about Windows Server 2008 R2
There may be instances where you wish to use Easy Connect on a computer using Windows Server 2008 R2. To enable this, you’ll need to go into the Server Manager and install both the Peer Name Resolution Protocol and Remote Assistance. After this is complete, you can enable Teredo as above.
If the Peer Name Resolution Protocol service is set to Disabled or not installed, the Easy Connect option will be grayed out in the Remote Assistance window. The service can be set to Manual (which is the default) as it will be automatically started by Remote Assistance when you go to use it.
Since Teredo can be easily toggled on a whim using netsh, those who prefer not to have Teredo enabled full-time can very easily write a script to automatically enable it prior to starting a remote session and then disable it afterwards.
A small disclaimer: be aware that there are many networking issues which can prevent Easy Connect (more specifically PNRP or Teredo) from working properly, especially problems involving routers, virtualization software or VPNs. Additionally, some or all of the public Teredo tunneling servers may not be available to you. This article does not address any of those difficulties and the Teredo state setting solely enables Teredo to work when Windows believes it is in a domain environment.
Earlier this week my friend David pointed me in the direction of Intel’s AppUp software, as they are running a deal where you get Angry Birds Rio and Chicken Invaders 4 (Ultimate Omelette Christmas) for free when you make your account. I, for one, enjoy a quick, fun (and free) game and Intel seemed trustworthy enough, so I went ahead and installed it.
First and foremost it feels like it takes forever to even get inside the software. On my (Intel) SSD and 10Mbit connection it takes about 20 seconds to completely go through the startup procedure involving some weird progress bars, a logo which comes, goes, comes back, and a random Intel copyright message which shows up to signify the end of the process. Compared to the instant-ness of the Android Market or even iTunes in a virtual machine, this is hardly an ideal initial impression. Additionally, it’s consistently this slow too, not just the first time.
Once you get running you’ll find yourself in a framed window, with the usual custom user web-like interface and standard “app store” features. Design-wise everything seems typical, except in the default non-maximized state, elements in the interface seemed a bit crunched together despite ample space available on the screen. The maximized state was much better, so I suspect it was designed to operate in the larger size.
The downloads happen in small little boxes with tiny progress bars and even though both Angry Birds and Chicken Invaders used the Windows Installer, neither seemed to fully communicate with the AppUp software which simply scrolled “Installing” back and forth with a marquee progress bar awaiting the end of the install. Not a huge problem, but this lack of detail makes it seem like the applications aren’t integrated with AppUp and are on their own. An impression we’ll soon see is incorrect.
With the install complete, I went into Chicken Invaders and amused myself for a little while. The graphics were cute, the music was well done and the gameplay fairly fun. Clearly someone put some love into the game, but having gotten stuck on Chapter 4, I put it away and moved on to something else.
The next day brought Windows Updates, which led to the inevitable reboot and once that was finished, I noticed a new icon had appeared in my notification area. I’m sure it will not come of any surprise to you who the new icon invader belonged to.
AppUp had added two new entries, “Intel AppUp(SM) center” (which is an invisible background process I’ll come back to shortly) and “Intel AppUp(SM) center_Nagware”. I’ll give Intel full credit here, telling me their unnecessary notification area process is “nagware” truly assisted in making sure it doesn’t run again on my machine.
I unchecked both, logged out of Windows and logged back in.
Then I thought, “wouldn’t it be fun to shoot some chicken invaders after all that?” Unfortunately Intel didn’t think similarity and was not pleased that I had the audacity to disable their startup process.
So I headed over to the Start menu and clicked on the Intel AppUp center shortcut. After the increasing annoying 20-second startup delay, I closed it and started Task Manager. Sure enough, a process belonging to Intel named ismagent.exe was running.
With all this determined, I tried to run Chicken Invaders again. It worked just fine this time and with Christmas music playing, I made fried chicken of the chicken invaders again.
In reflection, having been at the mercy of Intel software before, the quality shown here doesn’t surprise me much. Don’t get me wrong, the people at Intel are absolutely amazing at consistently bringing out hardware engineering marvels, but when it comes to software, well, they just don’t seem to get it.
And sure Microsoft can be poor with some of their choices at times (especially dealing with the installation of Windows Live products for example), but they’ve never deliberately broken themselves because you removed one of their applications from startup… especially when said startup process doesn’t even seem to be required to be running all the time. Surely if their background Services Manager is needed when starting one of these applications, why not just start it up in the background automatically? This really isn’t rocket computer science.
When I built Skype Call Button, one of the key components threw me into the realm of registry hackery and because of that, I knew it could be easily broken by other software. So to combat the problem, I have the software do a check on all my modifications when the software next starts, and if something has changed the configuration, it prompts to fix itself. Sure, it’s not perfect and probably could be expanded even more, but I thought it best that I try to help the user as much as possible.
So if I can do it, you would think one of the top technology companies in the world could too. That said, I figured I should take a quick glance at how this software is architected.
The main folder here is fairly uneventful. Explorer reports 124 files, 14 folders, totaling up to 53.2 MB of disk space. Of interest is the uninstall.exe, which I remember was created during the initial installation when the setup declared it was “creating uninstaller”. Since their “apps” use the Windows Installer, I think it’s fairly ridiculous that they felt they had to engineer their own installer and uninstaller.
In the main \bin folder, you’ll find 13 executables and 53 DLLs including a few well known favourites, such as cURL, gSOAP, OpenSSL, Qt (including WebKit), and SQLite. This isn’t bad thing in of itself, but the requirements for AppUp say it requires the .NET Framework. Yet, they don’t seem to have used the framework at all as they have used third-party open source libraries instead, and have completely over-engineered what appears to be relatively simple software.
I’ve used my share of these app stores in the past, and although some have been fairly disappointing (for example, the Games for Windows Marketplace didn’t have any search capability until it was recently absorbed into the Xbox website), this one ranks pretty low among them.
I’m not even entirely sure why Intel feels the need to be in this market; surely most of their software partners can provide a better offering?
I’ll be leaving both Intel processes off my startup. If I feel the need to shoot chickens again, I will happily just start their background process myself.
Some of you may recall that a month ago, I was having problems syncing with OneNote and SkyDrive. Despite hours of checking through the various libraries and layers of software that might have been broken, I didn’t seem to get anywhere.
That said, there’s another odd problem I’ve observed over the past month where Outlook would pop up a “MailTips could not be retrieved” message whenever I composed email.
As I’m the only person on my Exchange server and so the feature didn’t do anything for me, I just assumed Exchange 2010 SP2 had broken something (also released and installed at the beginning of December).
But it showed up today and I figured I would deal with it.
I’m no stranger to these problems as previous Exchange/Outlook versions were far less forgiving, so my first step was to check if it could actually get to Exchange Web Services and the offline address book on my domain. I popped in the URLs in IE and they worked. Then I moved on to the Autodiscover configuration. Again, putting the URL in IE, punching in my credentials, resulted in everything checking out.
Thankfully Outlook has its own Autodiscover test feature, which outputted an error of 0x8007273D or The attempted operation is not supported for the type of object referenced.
This rang the alarm bells in my head immediately. This was just another version of the weird “sorry, I can’t do that Jonathan” message. A search only found one post talking about this error code with Autodiscover and no real solution. So although connectivity was fine in the browser, there was some connectivity or protocol problem between these few applications and the outside network.
Unfortunately debugging the traffic itself is near to impossible in this case, since both programs are closed source and one can’t just load up Wireshark to poke into HTTPS traffic. But I had a hunch that I wouldn’t need to go through all that, instead I loaded up the incredibly useful Windows SysInternals autoruns tool and starting going through the network related tabs.
And sure enough, conveniently highlighted in red (due to no digital certificate) was my problem – WideCap. Although I’ve been using “sockscap”-like software to proxy or tunnel my connection (when needed) for quite some time, I had only seen WideCap referenced somewhere very recently and tried it out… and forgotten about it.
So, heading over to the Programs applet, the final piece fell into place.
…installed on December 4th. Just a week before I noticed the OneNote problem.
So I uninstalled it, rebooted the system and loaded up OneNote. The web sync now magically worked. I started Outlook, did the Autodiscover test and it succeeded. MailTips were once again working in a new email reply. All was working again.
In my original post you may have noted that there was a thread with several people with the same problem. Although I’m not at all suggesting they’ve all installed WideCap, but I do suspect they’ve installed some other software which has lovingly inserted a winsock provider or something similar into their installation.
Back on the Messenger newsgroups, the top issue was signing into the Messenger service and if IE was working, thus proving the SSL parts of Windows were functioning, the problem usually was third-party software (almost always “internet security” related applications). In fact since Messenger was unaffected by this problem and it’s usually the first to break, it didn’t occur to me to check for this possibility a month ago.
So, another case is closed, my cloud is happy again and I’m pleased.
For over six years now I’ve had a MSN Direct watch on my wrist. I was originally given the Suunto n3 at a MVP event (which subsequently caused much grief trying to activate it) and later on was upgraded to a n3i.
At the time, smart phones and their attached data plans were still in their infancy and were quite expensive. So MSN Direct, being only ~$80/year and only a once-a-year expense seemed reasonable. You got different watch faces, weather, news, your calendar, Messenger integration, movie info, and other information all right there on your wrist, without any synchronization or fuss. As long as you kept it charged and stayed in North America, it just worked.
Or did work until a few hours from now when they pull the plug.
Admittedly those of us who actually used MSN Direct have been surprised that it’s lasted this long. I suspect it’s only stayed up for contractual reasons with the various vendors involved, as well as not being all that expensive to maintain. MSN Direct uses “DirectBand”, a Microsoft technology which injects data into the subcarrier of an FM radio station. So beyond the initial installation and probably a regular payment to the related media conglomerate, it probably didn’t cost anything to be running (web costs, support, notwithstanding).
One annoying factor about the watches is that like old-school PDAs, when they run out of power, all data contents are lost. This wasn’t a huge deal before as they’d just re-download all their data from the network, but now without the network, a power outage would drop all the downloaded fancy watch faces and any other information stored inside permanently.
This known, about four months ago I opened up my watch, took big high resolution DSLR pictures of the battery and noted down all the part numbers on a quest for a battery replacement. The battery had lasted at least five years, so I figured a new one would do the same if treated well. My web searches on the various part numbers yielded no results. So hoping they could assist with alternatives, I sent my information and pictures to a variety of battery vendors online (including one I’d dealt with before for batteries for my old Microsoft Cordless Phone).
I got two replies – one was shorter than a Steve Jobs email, “We cannot provide.” The other was a little more gracious but it was clear all they did was copy/paste my part number into their search box (as if I hadn’t done that myself). None of the others bothered to reply.
So, I gave up on that as a single forget-to-charge would drop the contents of the watch and eventually I’d be back in the position I’m in now anyway.
The “killer feature” of MSN Direct for me was the calendar and the reminders. Basically, you installed a small Outlook add-on and as you added calendar events, they would be sent to the MSN Direct servers and out to your watch automatically. If the calendar event had a reminder, the watch would beep at you at the appropriate time and your calendar event would be displayed.
However, my phone (with some minor exceptions) can handle this task relatively well now so that feature has been become less and less important. With that set aside, I’ve also been looking at “normal” watches too. I have to say I haven’t found anything yet that has stood out to me and the only one I’ve really liked was the GIEZ GS1300B-1, brought to my attention by my not-related-but-still-have-the-same-last-name contact Julian Kay. Unfortunately it’s a little too out of my league right now though.
So, I’m not really sure what I’ll do. For now, I’ll probably just hunt around in my drawer for some older watches I used to wear and go from there. Which is probably what most MSN Direct users did quite some time ago.
RIP MSN Direct.
One of the big touted features of Office 2010 is the integration with SkyDrive. I have not used such features intensely but they have worked generally as advertised… up till now.
I’m working on a web project presently and I opened up OneNote last night to check a few points in my notes. The last time I used OneNote, I had observed that my web notebook hadn’t synched but dismissed it as it was just a generic error. It was still doing the same thing now so I decided to investigate.
After not really noticing any way to immediately figure out what was going on, I figured I’d try just closing the notebook and opening it back up again.
OneNote couldn’t find any web notebooks or they are already open.
Oh really? Ah, Missing a notebook? Why yes I am. Okay I’ll follow instructions and “check Windows Live SkyDrive”.
Well it seems to be there. Let’s “Open in OneNote”…
OneNote has encountered a problem and cannot complete this operation. What problem is that? Which part of the operation?
Needless to say, after many hours of sifting through Process Monitor, removing cookies, going through the COM components being called, renaming registry keys, killing off OneNote’s configuration information, removing OneNote, repairing Office and a few reboots to be sure, it still doesn’t work.
Of course is no surprise to me, I’m not the only one. The workarounds and ideas to check there didn’t help at all in my case but as this is a fairly generic “I can’t do that” error, that is to be expected.
I popped open my laptop that hadn’t had OneNote started since installing Windows Developer Preview [Windows 8] on it, chose the initial option to use web-based notebooks, and two clicks later was staring at my fully synched and available SkyDrive notebook. So it’s not the SkyDrive service directly.
I certainly could spend more time trying to isolate the problem (and that might happen later on), but for now I’m giving up. Thankfully I haven’t lost any data as it’s all still sitting on SkyDrive, but if you were a heavy user of OneNote/SkyDrive integration (ie. on multiple PCs, the web and phone), this would certainly be a deal breaker.
UPDATE 1/8/2012 – I’ve fixed it! You can see the details on my entry, “The cloud has been made happy again“.
This week at BUILD, Microsoft announced that Messenger connect would be renamed to Live Connect and as part of that, they are enabling XMPP access to connect to the Messenger service.
The ProcessOne blog has some details on the technical aspects of this for those interested.
However, it seems that requires a proprietary authentication method so current clients won’t be able to get on (naturally I tried anyway to see what happens but it doesn’t get very far).
It will be interesting to see what happens with this in the coming months when there is more information. Although third party clients have had their own implementations of various versions of the Messenger protocol for a long time, presumably if they were to use XMPP instead they could avoid breaking them and phase out older versions of the protocol.
ADDITION 12/15: They officially talked about this on the Inside Windows Live blog.
Saw this a while back and forgot to post it. Dealextreme is offering a 4-piece “MSN Dialog Box Style” magnet for all your fridge writing needs. It also includes a pen for the low price of $9.90.
Alternatively as Messenger 2011 killed handwriting, you can now get one of these, write or draw something and mail it to your friends… or scan it… or show it on webcam.
Though seriously, it’s rather fun and the styling works out not too bad. I do wonder why they don’t have the handwriting tab in focus though.
Like a lot of people recently, I started up Skype last week and it automatically updated itself to 5.5 (from 5.3). Now, I had tried one of the initial betas of 5.5, but it excluded a dial pad to make DTMF tones and its Facebook integration was fairly intrusive (I certainly don’t need an alert/toast message every time someone logs on to Facebook) so I downgraded and forgot about it until it was automatically installed.
Thankfully my dial pad had rematerialized, as had an option to exclude Facebook from showing alerts.
Skype Home is the unwelcome guest that won’t leave
But, the first thing that was thrown at me was the ‘Skype Home’ window:
The purpose of the Skype Home window is to show your most recent contacts for easy access and any status updates they’ve posted. In the earlier 5.0 betas, there was an outcry over this same window and the feature was less intrusive in the final release. Now, it’s back with a vengeance.
Not only can you not turn it off from displaying every time you sign in, the window also periodically opens on its own, which in some cases will interrupt what you’re doing.
One important detail of note – to see this behaviour you have to switch to Skype’s “Compact View” (see the View menu for the option). This isn’t the default viewing option in Skype, and presumably one of the reasons why it has not gotten much attention. But a big problem of this is, a good chunk of the business (that is, paying) users of Skype I know prefer Compact View and they’re the ones who pay Skype’s bills presently.
A bug was filed against this “feature” on Skype’s bug tracker on the 11th of this month and so far 179 comments have been left. A lot of the comments blame Microsoft (since most of people consider them the current owner of Skype, despite the acquisition not having gone through yet) and even cite Messenger out for the “feature”.
For example, BartVP says, “Features like this will see Skype’s user experience go down the path of ICQ and MSN in a matter of days, leaving me no choice but to switch to Google Voice or other competitors for phone and messenger use.” Matt Langley asks people in the discussion, “How many people do you know who still use MSN since it started to get bloated? It’s a show stopper and there are alternatives.” And indeed, many people indicate they’ve uninstalled Skype and have started using Google Voice or other SIP providers to make calls.
We don’t want you to sign out either
Also missing after the upgrade was Skype’s Windows 7 jump list:
Before you could quickly sign out or shut down Skype by just right-clicking the menu and choosing the option, but with this gone, you now have to travel to the notification area icon (by default hidden by Windows 7) and do it there.
I installed Skype 5.5 on a new Windows installation (that is on, one which had never had Skype on it), and the jump list magically appeared on that machine, so this is strictly a problem upgrading from previous versions. I’ve only done a small bit of investigation so far to get it to re-add its jump list, but no success yet. But if you’re suffering from this problem, you can use a tool like Jumplist Extender to add the option back yourself (use Skype.exe /shutdown as the command line) until this problem is resolved.
A lot people have invested in the Skype platform. They run their businesses from it, they have incoming numbers directed towards it, they use it for conference calls with friends or for online gaming. Even people like myself have gotten used to answering incoming calls using Skype Call Button or other software solutions which depend on Skype.
Switching away from that ecosystem (and there are plenty of alternatives) can be almost impossible without another big investment and so I don’t think Skype has much to worry about (their future is guaranteed by Redmond), but these blunders just do more to damage their reputation.
Beyond user interface problems, Skype has suffered a number of outages over the past few years, and I think the Messenger service is actually more stable “outage-wise” than Skype for the time being (and you can turn off the Live Today screen).
If it were up to me, as they move towards being owned by the Microsoft Corporation, I think they should freeze all feature development and concentrate on fixing these and other longer-term bugs. Certainly I think the Skype user base would be much happy if they did.